package com.jieao.template.controller;

import com.jieao.template.common.util.CurrentlyLoggedInUtil;
import com.jieao.template.entity.accountMgr.AccountDO;
import com.jieao.template.entity.pub.JsonData;
import com.jieao.template.service.PermissionService;
import com.jieao.template.service.RoleService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import javax.validation.constraints.NotBlank;


/**
 * 登录相关
 *
 * @author Jzw
 * @className LoginController
 * @since 2020-04-11 14:57
 */
@Api("登录模块API接口")
@Slf4j
@Validated
@RestController
@RequestMapping("/api/v1")
public class LoginController
{
    @Autowired
    private RoleService roleService;

    @Autowired
    private PermissionService permissionService;

    @ApiOperation(value = "登录", notes = "登录")
    @GetMapping("/login")
    public JsonData login(@RequestParam(value = "account") @NotBlank(message = "账号不能为空") String account, @RequestParam(value = "password") @NotBlank(message = "密码不能为空") String password)
    {
        Subject subject = SecurityUtils.getSubject();
        log.info("登录系统,account:{}", account);
        try
        {
            // 调用安全认证框架的登录方法
            subject.login(new UsernamePasswordToken(account, password));
            //登录成功
            return JsonData.ok(subject.getSession().getId());
        } catch (AuthenticationException ex)
        {
            //登录失败
            return JsonData.fail("账号或密码错误!");
        }
    }

    @ApiOperation(value = "是否已登录", notes = "是否已登录")
    @GetMapping("/isLogged")
    public JsonData isLogged()
    {
        Subject subject = SecurityUtils.getSubject();
        return subject.isAuthenticated() ? JsonData.ok(subject.getSession().getId()) : JsonData.noLogin();
    }

    @ApiOperation(value = "获取用户信息", notes = "获取用户信息")
    @GetMapping("/userInfo")
    public JsonData getUserInfo()
    {
        AccountDO userInfo = CurrentlyLoggedInUtil.getUserInfo();
        log.info("获取用户信息,account:{}", userInfo.getAccount());
        return JsonData.ok(userInfo);
    }

    @ApiOperation(value = "获取权限", notes = "获取当前登录人的权限")
    @GetMapping("/permission")
    public JsonData getPermissions()
    {
        log.info("获取当前登录人的权限信息,account:{}", CurrentlyLoggedInUtil.getAccount());
        return JsonData.ok(permissionService.getAllPermissionByUserId());
    }

    @ApiOperation(value = "获取角色", notes = "获取当前登录人的角色")
    @GetMapping("/roles")
    public JsonData getRoles()
    {
        log.info("获取当前登录人的角色信息,account:{}", CurrentlyLoggedInUtil.getAccount());
        return JsonData.ok(roleService.getAllRolesByUserId());
    }

    @ApiOperation(value = "登出", notes = "登出")
    @GetMapping("/signOut")
    public JsonData signOut()
    {
        log.info("登出系统,account:{}", CurrentlyLoggedInUtil.getAccount());
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
        return JsonData.ok("登出成功");
    }

}
